EOS mainnet launch was delayed last month because of a critical bug which was discovered by Qihoo 360, a China-based cybersecurity firm. Cornell University professor, Emin Gün Sirer criticized EOS developers for not including protocol experts in the project.
Even after the launch of the mainnet, Sirer and a host of crypto experts including Nick Szabo, a smart contracts pioneer condemned EOS for its centralization and code issues.
Expect more problems for EOS
Qihoo 360, last month shared a conversation it had with the chief technical officer of EOS, Daniel Larimer. There, it disclosed the out-of-bound write weakness of EOS. The vulnerability allows hackers to compromise the supernode of EOS.
The report added that the vulnerability was discovered on May 11 and then exploited a few weeks later. The company disclosed this problem, fixed it and closed it on Github. However, it was discovered that it was not fixed completely and the report was made public.
The EOS codebase’s vulnerability opened up this Blockchain network to criticism because EOS was meant to launch its mainnet earlier this month for just five days.
Sirer stated that the problem EOS is facing would worsen and emphasized that EOS’s bug bounty system isn’t practical in identifying structural or conceptual errors with the protocol.
The bug is built to catch simple errors and nor conceptual errors, noted Sirer.
The centralization problem
After the problematic mainnet launch, developers of EOS received criticism from Szabo who said that EOS’s centralized aspect makes it vulnerable to attacks and opens various security holes.
Szabo said that the EOS ‘constitution’ is a security hole and is socially unscalable. This statement referred to EOS’s ability to seize and suspend accounts after inactivity.
Rick Schlesinger, co-founder of EOS New York has said that users should look closely at EOS over the controversial user account suspension process.